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[57] ABSTRACT 

A digital encryption structure allows the varying of the 
computational overhead by selectively reusing, accord- 
ing to the desired level of security, a pseudorandom 
encoding sequence at the transmitter end and by storing 
and reusing pseudorandom decoding sequences, associ- 
ated with one or more transmitters at the receiver end. 
A public initialization vector is combined with a secret 
key to produce a deterministic sequence from a pseudo- 
random number generator. This pseudorandom se- 
quence in turn, is used to convert plaintext to cipher- 
text. The sequence may be selectively reused by storing 
the sequence to a transmitter memory cache and itera- 
tively reading the sequence from memory according to 
a counter which controls the level of security of the 
encryption system. The ciphertext is decrypted on the 
receiver end by invertibly combining the ciphertext 
with the same pseudorandom sequence used by the 
transmitter to originally encode the plaintext. The pseu- 
dorandom sequence is independently generated by the 
receiver end using the original key and initialization 
vector used in the transmitter end. Once generated in 
the receiver, the pseudorandom sequence is stored in a 
receiver cache for reuse with each iterative use of the 
stored transmitter pseudorandom sequence. 

27 Claims, 8 Drawing Sheets 



Read Cache 



Ciphertext 




24 



02/18/2004, EAST Version: 1.4.1 



U.S. Patent Sep. 6, 1994 Sheet 1 of 8 5,345 




02/18/2004, EAST Version: 1.4.1 



U.S. Patent Sep. 6, 1994 sheet 2 of 8 5,345,508 



CD 
C 

o 

Q. 

O 

c 



>. 

CD 

c 
o 

S. 
>* 

o 

<D 
O 













1 


E 


CD 


o 


C 




CD 


an 


CD 








CD 




XI 


3 

CD 


E 


CO 




Q_ 


z 



CD ^ 

■•-» 

C 



© 
> 

*© 

o 

CD 



X 

CD 

© 
Q. 

o 




o 

CL 



CD 



© 



CO 

c 
© 



02/18/2004, EAST Version: 1.4.1 



U.S. Patent Sep. 6, 1994 



Sheet 3 of 8 



5,345,508 




02/18/2004, EAST Version: 1.4.1 



U.S. Patent 



Sep. 6 t 1994 



Sheet 4 of 8 



5,345,508 




02/18/2004, EAST Version: 1.4.1 



U.S. Patent Sep. 6, 1994 sheet 5 of 8 5,345,508 




CO 



§1 



o 

CO 





CD 




O) 


8 


(0 








o 




CO 



d 

LL 




02/18/2004, EAST Version: 1.4.1 



U.S. Patent Sep. 6, 1994 sheet 6 of 8 5,345,508 



IV 


Sequence 


IV 1 


Sequence 1 


IV 2 


Sequence 2 


t 

f 

\ 
| 

i 

I 






IV n-1 


Sequence n-1 


IV n 


Sequence n 


I II I 




i 


74 



FIG. 4(b) 



02/18/2004, EAST Version: 1.4.1 



U.S. Patent Sep, 6, 1994 sheet 7 of 8 5,345,508 



Send a Message ^ 




Ciphertextfi] = PN Sequence^] XOR 
Plaintext[i] 
73 

I 

message.iv = IV, message.data = CiphertextQ 

75 




FIG. 5 



02/18/2004, EAST Version: 1.4.1 



U.S. Patent 



Sep. 6, 1994 Sheet 8 of 8 



Receive Message 

i 



Search cache for iv matching 
incoming message iv 




Generate sequence 

Plaintexts = PN Sequenced 
XOR Ciphertext[i] 




FIG. 6 



02/18/2004, EAST Version: 1.4 



5,345,508 

1 2 

used invertible functions, although other functions can 

METHOD AND APPARATUS FOR be employed. 

VARIABLE-OVERHEAD CACHED ENCRYPTION Decoding of the encrypted ciphertext may be per- 
formed by the receiver using a method identical to that 

BACKGROUND OF THE INVENTION 5 used by the transmitter. Ciphertext is received from the 

1. Field of the Invention transmitter and combined using a logical XOR gate, 

This invention relates to data encryption, and more Wth \ P^dorandom sequence generated by a PN 

particularly to a method and apparatuVfor varying the ^ f ' f" f ? ' v° ™ C 

V~ . . . , , L j essence of the electronic codebook system is that an 

c^p^tionaloverhead associated wrd^ncrypting and „ tion ^ h ^ to te * ^ onmdom 

decrypting ^ digital date signals by selectively reusing, ™cc in the transmitter side, and the identical se- 

according to the desired level of security, a pseudoran- w b ^ gcncratcd m ±c receiver whcn ^ same 

dom encoding sequence at the transmitter end and by k ^ ^ to ^ pN gencrator . 

stonng and reusing pseudorandom decoding sequences XO R gate in the receiver provides the inverse 

at the receiver end. l5 of ^ X OR gate in the transmitter so that 

2. Description of the Background Art logical combination of the ciphertext and the FN se- 
Data encryption is a function that ensures the privacy quence in the receiver produces the same plaintext that 

of a digital communication by preventing an unautho- was originally encoded by the transmitter, 

rized receiver from understanding the contents of a One drawback of the prior art system described is 

transmitted message. A conventional "symmetric key" 20 that the overhead of generating PN sequences is quite 

cryptosystem is generally illustrated in FIG. 1(a). A high, particularly relative to the overhead of applying 

transmitter transforms a plaintext message into cipher- the combination function. In practice, it is typical to 

text using an invertible encryption transformation. This generate and combine the PN sequence with a plaintext 

transformation is a function of the plaintext input mes- message of arbitrary length one character at a time, as 

sage and a secret key which is shared by both the trans- 25 needed. The characters of the PN sequence are dis- 

mitter and the receiver. The ciphertext is then transmit- carded after a single use, so there is no opportunity to 

ted over an unsecured public channel and the intended spread the cost of computing the sequence over several 

receiver of the message, also in possession of the secret messages. The rate at which messages can be encrypted 

key, applies the inverse transformation to decrypt the and decrypted is therefore limited by the speed at which 

ciphertext and recover the original plaintext message. 30 ^ sequence can be produced. What is needed is a 

The secret key is communicated to a plurality of autho- method for storing and reusing PN sequences in order 

rized users through a secure channel (for example, a to increase the transmission rate of messages through 

secure Key Exchange Algorithm may be employed) the cryptosystem. 

and the key effectively dictates a specific encryption Another drawback of the prior art system is that the 

transformation from a family of cryptographic transfer- 35 receiver's PN generator may lose synchronization with 

mations. In general, any station in possession of the that of the transmitter under some circumstances, neces- 

secret key may encrypt or decrypt messages. sitatm « additional recovery procedures in order for the 

A conventional cryptosystem can be said to exhibit be recovered. For example, if the next char- 

"unconditional security" if the secret key is as long as ^ «mtted by the PN generator is a function of the 

the ciphertext message, each key is used only once, and 40 ™ m P ut 25 w f U » of characters that 

all keys are equally likely. However, sine* most systems ? ave been P^yioudy emitted, and. if the message is 

can be expected to transmit a large number of messages, bem « ^mmumcated from the transmitter to the re- 

the problem of distributing the key information be- f T ^menis °! ^ ke ^ k and "- any pact 

*■ ■ j wi w * ^ i * _* i- ets are lost or received out of order, then it will first be 

comes formidable, Most practtcd cryptosystem* have 43 neces for ^ receiver w receive md ^ ^ 

short keys compared to the length of a message. The ^ * fa ^ Qjda before dec Jin of ^ 
lessened security resulting from short keys is compen- me ^ ^ be acc ^ plished . It * 
sated for by rdying on the complexity of the way that ^ ^ ^ CTyv LysXsm ^ rty of 
the key is combined with the data. self-synchronization between transmitter and reiver 
A particular example of a conventional cryptosystem, ^ sach ^ nQ ^titan* recovery procedures are re- 
hereafter referred to as an electronic codebook, is gen- quired to decode messages, 
erally illustrated in FIG. 1(A). The electronic codebook 

involves the use of a secret key that is shared by both SUMMARY OF THE INVENTION 
the transmitter and the receiver. The transmitter utilizes accordance with the present invention, an appara- 
the key to generate a detenmnistic, apparently random 55 ^ ^ method are described for variable overhead 
sequence of binary digits using a Pseudorandom Num- cached encryption and decryption. A transmitter unit is 
ber (PN) generator. An essential feature of the PN gen- used f or encoding or encrypting data and a separate 
erator is that with a specific key input, a unique PN authorized receiver decodes or decrypts the data. Both 
sequence of arbitrary length may be generated. The PN the transmitter and receiver share a common secret key 
sequence is then combined with the binary representa- 60 that has been communicated through some separate 
tion of the plaintext message to be encrypted to produce channel. The transmitter combines the secret key 
a sequence of ciphertext The combination of the PN (which serves as a constant base value) with an Initial- 
sequence and the plaintext must be accomplished using ization Vector (TV), using an XOR operation to pro- 
an invertible function. An invertible function is one that duce a temporal key. This temporal key is then used as 
has a known inverse such that when the inverse fane- 65 an input to a pseudorandom number (FN) generator to 
tion is applied to the ciphertext the original plaintext produce a unique PN sequence of binary digits, for each 
can be extracted. For example, two's complement addi- new. temporal key entered. The generated PN sequence 
tion or bit-wise exclusive-OR (XOR) are two widely is equal in length to the longest anticipated message 



02/18/2004, EAST 



Version: 1.4,1 



5,345,508 

3 4 

fragment. The init i a liz ation vector together with its FIG. 2 is a block diagram showing the transmitter of 

corresponding PN sequence is then stored in a cache the variable-overhead cached encryption system of the 

and the PN sequence is iteratively reused, as determined present invention; 

by a counter, to encrypt one or more plaintext mes- FIG. 3 is a block diagram showing the receiver of the 

sages. The counter is initialized to a maximum count 5 variable-overhead cached encryption system of the 

value whenever a new PN sequence is generated, and present invention; 

the counter tracks reuse of the PN sequence to encrypt FIG. 4(a) is a block diagram showing a general pur- 

the number of messages specified by the mmimnm pose computer which is used to implement the cached 

count value. When the maximum count value specifies encryption system .of the present invention; 

that the PN sequence is to be used only once, the secu- 10 is a table showing the arrangement of 

rity afforded by the present invention will be high, but cached data of the present invention, in which each 

a new PN sequence must be generated for each message member of a list of initialization vectors is stored to- 

sequence transmitted and so the computational over- gether with its corresponding pseudorandom sequence; 

head will also be high. If the maximu m count value FIG. 5 is a flow diagram showing the method steps of 

specifies a maximum count value greater than one, the 15 transmitting encrypted data using the apparatus of FIG. 

PN sequence stored in the cache will be reused to en- 2 ! ^ 

crypt the marimnm count number of message sequen- FIG. 6 is a flow diagram showing the method steps of 

ces. The resulting ciphertext messages will be more receiving encrypted data using the apparatus of FIG. 3. 

vulnerable to statistical cryptoanalytic attack as the DESCRIPTION OF THE PREFERRED 

maximum count value increases. The PN sequence from 20 EMBODIMENT 

the cache is combined with the plaintext data to be _ 

transmitted using an invertible combination function. The encryption-decryption system of the present 
An exclusive-OR (XOR) function is used in the pre- " lvcn . tlon l °[ a unique combination of digital 
ferred embodiment to produce a ciphertext message. „ ^ of which are separately conven- 
The unencrypted initialization vector is then concate- 25 Uoi f ^ d . wc ? mde ff> od m «*■ ™ e ^tern is 
nated with the ciphertext, and together, both are ex- P rcferabl y implemented on a general purpose computer 
ported by the transmitter to the receiver for decrypting. . P ™!TT dm l 
As each plaintext , message is encrypted and exported, «™ f^ows teaches the invention m terms of 
*i. i * • j * j 1*^1. % *■ functional blocks which may be readily implemented 
the value of the counter is decremented. If the value of ^ conventional discrete or integrated digital cir- 
the counter goes to zero then a new imtiahzation vector ^ Xhc fcrred ^piementationfe described with 
is selected and the above steps are repeated for subse- rcfcrcncc to F IGS. 4 and 5 below 
quent messages. A new mixtion vector should be Rcferrin nQW to mQ 2 a ttansmitter 1Q h shown 
chosen with equal probability from the set of all posa- for encryptmg plailltext ^ 32 mto ci p he rtext 28. 
ble initialization vectors since this has the desirable 35 Plamtej(t data 32 h ^ QTmatiQn w £ ch ^ be 
result of selecting a large number of different encoding by both a sender ^ a receiver ^ 
sequences over the life of the secret key. ^ be readU mdersXood by other unauthorized 
The encoded communication is imported by the re- third parties having accsss to the co^^^ chan _ 
ceiver and the initialization vector portion is extracted. neL The function of transmitter 10 is to encode or en- 
The receiver's cache of previously received initialize 40 crypt the plaintext data 32 in such a way that the infor- 
tion vectors is searched using the imported mitialization is only t0 a receiver a bona Me 
vector as a search key to determine whether an entry acc^ t0 th e data. A central feature of transmitter 10 is 
exists for it in the cache. If the mitialization vector has a key 12 which is secret as to third parties but shared 
been previously received and stored, then the corre- between the transmitter and a receiver 20 (shown in 
spending PN sequence has already been computed and 43 FIG. 3) of data 32. As discussed with reference to FIG. 
stored and is available for decoding the imported ci- i( a ) t t ey u would ideally be infinite in length and 
phertext without having to regenerate the PN sequence. would be unique as to every message communicated 
If the imported initialization vector is not found in the between the transmitter 10 and the receiver 20. In prac- 
cache, then the associated PN sequence is not available nce , however, key 12 is relayed only periodically be- 
and the receiver then combines the initialization vector 50 tween the transmitter 10 and the receiver 20 and during 
with the secret key to produce a temporal key and the periods between the relay of the key, the key is used 
corresponding PN sequence identical to the sequence repetitively to encrypt plaintext data 32 from transmit- 
used by the transmitter to encode the data. This PN ter 10 before transmission to receiver 20. 
sequence is then combined with the ciphertext, using an An initialization vector (TV) 14 is produced by IV 
XOR gate, to recover the original plaintext from the 55 generator 29 and utilized by the transmitter 10 and 
ciphertext The initialization vector and corresponding receiver 20 to extend the usability of the key 12. The 
newly generated PN sequence are then stored in the key 12 is a relatively expensive component to generate 
receiver cache, to be available for comparison with and mainour The key 12 must be randomly generated 
subsequently received initialization vectors. Utilization and must be securely transmitted between transmitter 
of this cache can greatly reduce the overhead associated 60 10 and receiver 20 in a secure channel which is separate 
with generating PN sequences, particularly when from the communication system through which cipher- 
higher, count values are used by a given transmitter. text 28 is transmitted. Consequently, even though the 

BRIEF DESCRIPTION OF THE DRAWINGS ? f ***** " with each succesave 

use, efficiency demands that ma«mnm utilization of the 

FIG. 1(a) is a block diagram showing a conventional 65 key occurs. One way of extending the utilization of the 

symmetric key cryptosystem; key 12 is to combine the key with a local key such as the 

FIG. t(b) is a block diagram showing an example initialization vector 14. TV generator 29 generates a 

electronic codebook cryptosystem of the prior art; random sequence having the same length as key 12. 
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Generator 29 repeats the same IV sequence until reset ■ 
25 signals that a new sequence is to be generated. Initial- 
ization vector 14 is combined with key 12 using a con- 
ventional exclusive-OR (XOR) gate 16 to produce a 
temporal key 17. Various other logical functions can be 5 
equivalently used in place of XOR gate 16 to mask the 
identity of the key. This logical function need not be 
invertible. The XOR function is applied bitwise and is 
defined by a logical "0" whenever all inputs are the 
same, and a logical "1" otherwise. Initialization vector 10 
14 is transmitted to receiver 20 as part of the communi- 
cation sequence containing the ciphertext output 28. . 
Information transmitted from transmitter 10 to receiver 
20 includes a block of ciphertext 28 concatenated with 
initialization , vector 14. In essence, the initialization 15 
vector 14 becomes public hi that it is transmitted in an 
unencrypted format and may be more easily appropri- 
ated by third parties. However, since initialization vec- 
tor 14 is always encoded with key 12 to produce tem- 
poral key 17, the value knowing of this initialization 20 
vector b limited. Since the initialization vector 14 is 
merely a component of temporal key 17, it would be 
difficult to determine the value of the temporal key 
knowing only the value of the initalization vector. 

Temporal key 17 acts as a seed to a Pseudorandom 25 
Number (PN) generator 18. PN generator 18 is a deter- 
ministic machine, conventional in the art, and charac- 
terized by the fact that given a specific input or seed 
value, a unique and repeatable output sequence of arbi- 
trary length can be generated. This output sequence 30 
from PN generator 18 is referred to in FIG, 2 as a tem- 
poral sequence 23 and is equal in length to the longest 
anticipated plaintext data 32. Once generated, the tem- 
poral sequence 23, is then stored in cache 22, a conven- 
tional memory register. The contents of cache 22 is then 35 
written as a PN sequence to XOR gate 26. XOR gate 26 
is similar in construction to XOR gate 16 and is used to 
combine the PN sequence 24 with the plaintext data 32 
to produce ciphertext 28. 

An additional feature of the present invention is 40 
counter 21, which controls the generation of new ini- 
tialization vectors 14 and thereby the security level of 
the encryption system. Cache 22 contains the temporal 
sequence 23 produced by the PN generator 18 in re- 
sponse to the input combination of the initialization 45 
vector 14 and the key 12. In the preferred embodiment, 
cache 22 is designed to contain one or more temporal 
sequences 23 arranged as a function of initialization 
vectors 14. For a specific initialization vector 14, a 
corresponding temporal sequence 23 will be stored. A 50 
further discussion of the implementation of cache 22 
can be found with reference to the discussion of FIGS. 
4(a) and 4(A) below. Counter 21 selectively resets IV 
generator 29, enabling the iterative reuse of a specific 
initialization vector 14 and corresponding temporal 55 
sequence 23 in order to improve the efficiency of the . 
transmitter 10. The counter 21 is operated by initially 
loading a maximum count signal 19 into the counter 21. 
As each new data sequence 32 is present, a decrement 
signal 27 instructs counter 21 to decrement When 60 
counter 21 decrements to zero, then a new initialization 
vector 14 is subsequently utilized by XOR 16 in generat- 
ing a new temporal key 17. With each sequence of plain- 
text data 32 combined in XOR gate 26, a PN sequence 
24 of identical length is read from cache 22 by XOR 26. 65 
With each new plaintext date 32 sequence, the decre- 
ment signal 27 reduces the counter 21 contents by one. . 
The encrypting process proceeds in XOR gate 26, read- 
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ing PN sequences 24 and decrementing counter 21 until 
the counter 21 contents reaches zero causing the TV 
generator 29 to reset Resetting the IV generator 29 
results in the generation of a new initialization vector 
14. Counter 21 has been described with respect to FIG. 
2 as a plaintext data 32 sequence counter, decrementing 
with each sequence processed Counter 21 equivalently 
implements a timer or clock function, resetting the TV 
generator 29 after a period of time set by Max Count 21. 
In this way, initialization vector 14 extends the usability 
of the key 12 by making the corresponding PN se- 
quence 24 more difficult to determine. Use of counter 
21 and cache 22 serve the purpose of reducing the 
costly overhead associated with generating PN sequen- 
ces 24 by reusing the sequences generated and stored in 
the cache 22. The counter 21 enables variability of the 
overall security of the transmitter 10 and receiver 20 by 
providing a selection of the number of times each spe- 
cific temporal sequence 23 is used in the encoding of 
data. In the preferred embodiment, the counter 21, reset 
25, maximum count 19, and decrement 27 signals are 
implemented in the central processing unit of a conven- 
tional genera] purpose computer. 

Referring now to FIG. 3, a receiver 20 is shown in 
which a ciphertext 28 is decoded to produce an unen- 
crypted plaintext data 66 which is identical to the plain- 
text data 32 sequence of transmitter 10. As the commu- 
nication sequence containing an initialization vector 14 
and a block of ciphertext 28 is imported by receiver 20, 
the initialization vector 14 is stripped off and applied to 
cache 48 and to XOR gate 42. Other functions may be 
equivalently substituted in place of XOR gate 42; how- 
ever, gate 16 and gate 42 must be identical. Initialization 
vector 14 is then compared in cache 48 with other ini- 
tialization vectors stored in cache 48 to determine 
whether the specific initialization vector 14 has previ- 
ously been received and stored If the specific initializa- 
tion vector 14 is found to be stored in cache 48, then the 
PN sequence associated with that initialization vector is 
written to an XOR gate 64, and the stored PN sequence 
is used to decode the imported ciphertext 28. When a 
match of the received initialization vector 14 is made to 
a stored initiahzation vector in cache 48, read cache 
signal 52 instructs multiplexer 58 to route the stored 
sequence 56 output to the XOR gate 64. From the view- 
point of the XOR gate 64, the PN sequence stored in 
cache 48 becomes the selected sequence and is delivered 
through multiplexer 58 via the stored sequence 56 out- 
put of the cache. 

If a determination is made that the initialization vec- 
tor 14 has not been previously received, then the read 
cache signal 52 of cache 48 signals multiplexer 58 to 
connect the PN generator 44 to the XOR gate 64. In this 
event, initialization vector 14 is used in producing a 
temporal key 38 input to PN generator 44 to generate a 
new PN sequence 46 identical to the corresponding PN 
sequence 23 used in the encoding of the ciphertext 28 by 
the transmitter 10. The read cache signal 52 is then 
inverted and used to enable the output of the PN gener- 
ator 44. Just as in the case with the transmitter 10, ini- 
tialization vector 14 is combined with key 12 in XOR 
gate 42 to produce a temporal key 38. It should be noted 
that this temporal key 38 is identical to the correspond- 
ing temporal key 17 produced in the transmitter 10 by 
the XOR gate 16 combination of key 12 and initializa- 
tion vector 14. PN generator 44 receives temporal key 
38 to produce a PN sequence 46, which is then con- 
nected via multiplexer 58 to XOR gate 64 as a selected 
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sequence 62. In order to improve the efficiency of fu- In an alternative operating mode, a single computer 
tore decoding of ciphertext 28 utilizing this specific system 40 acts as both a transmitter 10 and as a receiver 
initialization vector 14, the PN sequence associated 20, storing ciphertext to mass storage 41 and later re- 
with the initialization vector is then stored in cache 48 trieving the stored ciphertext for decoding and use. The 
together with its corresponding initialization vector. 5 purpose of this second mode of operation is to allow for 
When the next block of ciphertext 28 is received using the secure storage of sensitive data 
the same initialization vector 14, the PN sequence 46 Referring now to FIG. 4(6), a memory map of cache 
need not be regenerated by PN generator 44, but rather 60 is shown in which a list of initialization vectors 72 are 
may be read from cache 48 as a stored sequence 56. It paired with corresponding sequences 74. The entry "IV 
should further be noted that the imported initialization 10 i» has a corresponding "Sequence 1" "IV 2" has a 
vector 14 has a dual purpose: it is used both as a compo- corresponding "Sequence 2", and 'TV n" has a corre- 
ct of the temporal key 17 for generating PN sequence ending "Sequence n". Cache 60 memory provides a 
46 and as an input to cache 48 for the purpose of deter- functional implementation of cache 22 in FIG. 2, when 
mining whether there exists a stored sequence 56 corre- computer system 40 U or^tmg as a transmitter 10, and 
spending ; tc .the imported ^ mitzahzation vector 14. The 15 provides an implementation of ckche 48 in FIG. 3, when 
^ te £ ™f J*?* « ™* the computer system is operating as a receiver lb. The 
ciphertert 28 to produce plaintext data 66 which is 21 output in transmitter 10 is implemented as a 

S^TSS ESSE??? ^ ™ » *«f » CPU 4 t ^ 

uiiguwiujf wwucu iu umimuiwi iv. ments the contents of counter memory 43 each time a 

An important benefit of the encryption system of the 20 r»»i . ... , , y " . 

f . \* ' ' ' _ • . rt 7 PN sequence is utilized to encode a sequence of plain- 
present invention is that the transmitter 10 and receiver . _ lu aiLUUC a SC 4 UCUUC 01 P™ 

20 are self-synchronizing. That is, assuming the key is D r . 4 _ _ . « 

shared, everything needed to decode a blotk of trans- r Refc ™ g now to ™- ?' a * ow 
mitted data is contained within the message. Knowl- * e ^programmed instruction steps which are exe- 
edge of prior messages or sequences is not required. 25 cu * d bv . ? ^S°^ 0 ^ T 4 °' £Ctmg m * e 

Referring now to FIG. 4(a), a diagram is shown of a m °? e ° f a trans ^tter 10 (FIG. 2) in oicrypung plain- 
general purpose computer 40 used for the preferred teIt ^ * V^ce the ciphertext 28 of the present 
implementation of the encryption system shown in P** 1 **- Ste P *J * ^ en *ry P°"it for the encrypting 
FIGS. 2 and 3. The preferred implementation of the instructions of FIG. 5. If step 63 determines that the 
present invention consists of programmed instructions 30 routme variables have not been initialized, CPU 31 
implemented on an Apple Macintosh ® computer, mitiabzes tee routine variables in step 65 by setting the 
manufactured by Apple Computer, Inc. of Cupertino, packet count to Max Count generating an Initialization 
Calif. The general method steps, described below, can Vector (IV), and setting the PN Sequence to the value 
be equivalently implemented on any. general purpose NewSeqCTV XOR Secret Key). The variable IV is equal 
computer and many other programmable processor- 35 to the initialization vector 14 and the variable Secret 
based systems. The general purpose computer 40 con- Kcv a previously determined and stored value equal 
sists of a CPU 31 attached to a number of processing to ke y u - ^ function "NewSeqO" is a conventional 
components. CPU 31 contains a keyboard 37 and a algorithm for pseudorandom number generation, using 
CRT 35 through which a user can interact with CPU toe values of IV and Secret Key as seed components. 
31. The CPU 31 is connected to a communication port 40 For example see Blahut, Richard, Digital Transmission 
33 for interfacing with other processors and communi- of Information, Addison Wesley Publishing Company, 
cation devices, such as modems and area networks. 1990, p 497. The variable Packet Count represents the 
CPU 31 further comprises a data bus 45 for connecting maximum number of times that a particular initialization 
various memories, including program memory 39, vector can be used in the generation of a PN sequence 
cache memory 60, counter memory 43, and mass stor- 45 24. The maximum value (Max Count) for the variable 
age 41. Program memory 39 contains operating instruo packet count is equal to the maximum count signal 19. 
tions for directing the control of CPU 31. Cache 60 In step 67, packet count is decremented by one, and in 
contains high speed temporary memory for use by CPU step 71 the CPU 31 tests whether Packet Count is equal 
31 in executing the encryption and decryption program to zero. If Packet Count is equal to zero, then the pro- 
instructions of the present invention. Also attached to 50 gram returns to the initialization step in 65. In the event 
data bus 45 is mass storage 41 which contains stored that packet count is not equal to zero, a Ciphertext 
data, utilized by CPU 31 in executing program instroc- sequence is calculated in step 73 using the formula: 
tions from program memory 39. 

Referring also to FIGS. 2 and 3, the XOR gates 16, Cipheitact[t]=PN SeqaacetOXOR Pbtntextp] 

26, 42 and 64 are implemented by CPU 31 using Bool- 55 

can arithmetic; counter 21 is implemented using counter where i is an indexing integer ranging from zero to one 
memory 43; and the caches 22 and 48 are implemented less than the length of the plaintext sequence in bits. It 
using cache 60 memory. PN generator 18 and 44 are should be noted that in this preferred method, the 
implemented by the CPU 31 using a conventional pseu- length of the plaintext, PN, and ciphertext sequences 
dorandom number generator algorithm. Computer sys- 60 are all of equal length. Following the calculation of the 
tern 40 can implement the encryption system in a nvun- ciphertext sequence, data strings called "messageuv" 
berof ways. A first computer system can act as a trans- and "message. data" are generated, in which message, iv 
mitter 10 and export ciphertext to a second computer is set equal to the initialization vector sequence and 
system via the communication port 33. In this operation message.data is set equal to the ciphertext sequence, 
mode, the first computer acts as transmitter 10 while the 65 The routine exits 77 at which time CPU 31 transmits 
second computer acts as receiver 20. This first mode of message, iv and message .data as a concatenated data 
operation provides for a secure tr an s m ission of sensitive string to communication port 33 or to mass storage 41 
da* 3 - for transmission or storage. 
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Referring now to FIG. 6, with the computer 40 act- switching means having a first sequence input coil- 
ing in the mode of a receiver 20 (FIG. 3), the concate- pled to the output of the second memory and a 
nated data string containing message.iv and message.- second sequence input coupled to the output of 
data is received by CPU 31 in step 87, and the init i alize- the receiver PN generator, for outputting one of 
tion vector and ciphertext sequences are separated. 5 the sequence inputs responsive to the indication 
Using the initialization vector component (messageiv), 0 f the control signal; and 
a search 89 of cache 60 is made for an initialization a decoder which receives the output of the switch- 
vector matching the incoming messageiv. Since each ing m«-ang as a first input and receives the en- 
initialization vector in cache 60 is matched to a PN crypted data as a second input, and combines 
sequence, locating a matching initialization vector to 10 these first and second inputs to produce de- 
the incoming messageiv provides identification of the crypted data. 

PN sequence used to encrypt the incoming message.- 2. The apparatus according to Haim i, wherein the 

data. If the messageiv can be matched 91 to a stored IV transmitter further comprises a transmitter PN genera- 

and PN sequence, the receiver 20 will not have to ex- tor for producing PN sequences which are stored in the 

pend the overhead of creating a new PN sequence to 15 first memory. 

decode the messagtdata sequence. If the sequence is 3. The apparatus according to claim 2, wherein the 
found in the cache 60, then the plaintext data is deter- transmitter PN generator and the receiver PN genera- 
mined 95 using the formula: tor are both initialized using a key which is commonly 

„ . _ mT „ ™„„ , „„ utilized by both the transmitter and the receiver. 

fWteztfi]=PN ScqucnccDJXOR ciphcrt^ 20 4 ^ apparatus according to ciaim 3, wherein the 

If the sequence is not found 91 in the cache 60, then f* 5 ^ ™ generator and the receiver PN genera- 
nnnVi . " ~T ' tor are both further initialized using an initialization 

CPU 31 generates 93 the sequence using the same pseu- , . , . . ... "Tr . T V" 

, ,** , ^ j-.v-e.- vector which is commonly utilized by both the trans- 

dorandom number generation routine used in step 65 of . _ , . 3 J 

e . ■ nutter and receiver. 

FIG. 5, wherein: 25 _ _ . ,. . . M . . , 

5. The apparatus according to claim 4, wherein the 

PN Sequcnce-NewSeqcrv xor Secret Key) transmitter PN generator is initialized by logically com- 

bining the key and the initialization vector. 
This PN Sequence is stored in cache 48 and then used in 6 - Vat apparatus according to claim 5, wherein the 
step 95 to recover the plaintext data 66. The routine 30 kev and ^ c initialization vector are logically combined 
exits in step 97. using an exclusive-OR function. 

The invention has now been explained with reference 7 - Thc apparatus according to claim 1, wherein the . 
to specific embodiments. Other embodiments will be receiver PN generator is initialized by logically combin- 
apparent to those of ordinary skill in the art in light of m 8 the key and the initialization vector, 
this disclosure. For example, the invertible function 35 8 - Tbe apparatus according to claim 5, wherein the 
described in the preferred embodiment is an XOR tunc- receiver PN generator is initialized by logically combin- 
tion. Other invertible functions arc equivalently effec- ^ e ke Y and the initialization vector using the same 

tive. Also the counter 21 is shown as a "preset with function as is used in the transmitter, 
decrement-to-zero" function. Alternative up-counters 9t Tne apparatus according to claim 1, further com- 
and the CPU-implemented increment-and-compare 40 Posing an initialization vector generator for selectively 
functions arc viewed as equivalents with respect to the generating initialization vectors, 
present invention. Therefore, it is not intended that this The apparatus according to claim 9 further corn- 

invention be limited, except as indicated by the ap- prising a counter having an output coupled to the im- 
pended claims. tialization vector generator for controlling the output- 

What is claimed is: 45 ting of the selected PN sequence. 

1. An apparatus for variable-overhead cached en- 11. The apparatus according to claim 10 f wherein thc 
cryption and decryption comprising: counter is initialized to a maximum count value and the 

(i) a transmitter for encrypting plaintext data, the counter enables thc outputting of a number of identical 
transmitter further comprising: selected PN sequences such that the number of sequen- 
a first memory for storing at least one Pseudoran- 50 ccs output is equal to the value of the maximum count. 

dom Number (PN) sequence and for outputting a 12- The apparatus according to claim 1, wherein the 
selected PN sequence; encoder produces encrypted data by combining the 

an encoder which receives the selected PN se- encoder first and second inputs using an invertible func- 
quence from the first memory as a first input and tion. 

receives the plaintext data as a second input, and 55 13. The apparatus according to claim 12, wherein the 
responsive to these first and second inputs pro- encoder produces encrypted data by combining the first 
duces the encrypted data; and second inputs using an exclusive-OR function. 

(ii) a receiver for decrypting encrypted data, the 14. The apparatus according to claim 1, wherein the 
receiver comprising: encrypted data is transferred from the transmitter to the 
a second memory for storing at least one Psendo- 60 receiver in a data stream, the data stream comprising 

random Number (PN) sequence; the encrypted data concatenated with the initialization 

a receiver PN generator which generates and pro- vector, 
vides as an output the same selected PN se- 15. The apparatus according to claim 14, wherein the 
quence which is received by the encoder; second memory further comprises an input for receiv- 

a control signal responsive to the contents of the 65 ing the initialization vector, 
second memory which indicates whether the 16. The apparatus according to claim 15, wherein PN 
selected PN sequence is stored in the second sequences stored in the second memory are indexed by 
memory; initialization vectors. 
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17. The apparatus according to claim 16, wherein the 
input for receiving the initialization vector is compared 
with stored initialization indexes to determine whether 
the selected PN sequence has been previously stored in 
the second memory. S 

18. The apparatus according to claim 5 in which the 
receiver PN generator further comprises a first and 
second input, wherein the first input receives the key 
and the second input receives the initialization vector. 

19. The apparatus according to claim 18 in which the 10 
functions used in the receiver PN generator and the 
transmitter PN generator are identical. 

20. The apparatus according to claim 1, wherein the 
transmitter and receiver are implemented using at least 
one general purpose computer. 15 

21. The apparatus according to claim 20, wherein the 
encrypted data is stored to a mass storage device prior 
to being decrypted. 

22. An encryption system comprising: 

transmitter means for encrypting plaintext data into 20 
ciphertext, the transmitter means further compris- 
ing: 

selectively controlled first memory storage means 
for storing a first pseudorandom sequence, 
wherein the selective control of the first memory 25 
storage means enables reuse of the first pseudo- 
random sequence, and 
encoding means for combining the first pseudoran- 
dom sequence with the plaintext data to produce 
the cipheitext; and 30 
receiver means for receiving the ciphertext from the 
transmitter means and decrypting the ciphertext to 
the original plaintext, the receiving means further 
comprising second storage means for storing a 
second pseudorandom sequence, wherein the sec- ' 35 
ond pseudorandom sequence is used in combina- 
tion with the ciphertext to produce the plaintext 
and wherein the second pseudorandom sequence 
may be retrieved from the second storage means 
and used for producing the plaintext each time the 40 
selective control of the first memory storage means 
enables reuse of the first pseudorandom sequence 
in the transmitter means. 

23. The encryption system according to claim 22, 
wherein the transmitter means further comprises: 45 

a pseudorandom generator means coupled to the first 
memory means for generating a pseudorandom 
sequence from a secret key and a public initializa- 
tion vector. 

24. The encryption system according to claim -23, ' 50 
wherein the receiver means further comprises: 

a pseudorandom number generator means coupled to 
the second memory means for generating the sec- 
ond pseudorandom sequence utilizing the identical 
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secret key and the public initialization vector used 
in the transmitter means, wherein the second pseu- 
dorandom sequence is stored in the second mem- 
ory means, and wherein the second pseudorandom 
sequence generated in the receiver means is identi- 
cal to the first pseudorandom sequence generated 
in the transmitter means. 

25. A method for variable-overhead cached encryp- 
tion and decryption comprising the steps: 

0) encrypting a sequence of plaintext data comprising 
the substeps: 

generating a first pseudorandom number from a 
public initialization vector and a secret key; 

encrypting the plaintext data to produce a cipher- 
text by logically combining the plaintext data 
with the stored first pseudorandom number; and 

exporting the ciphertext in concatenated combina- 
tion with the initialization vector; 
(ii) decrypting the ciphertext in a receiver comprising 

storage for unique pairs of initialization vectors and 

second pseudorandom numbers, the decrypting 

step comprising the substeps: 

importing the concatenated combination from (i); 

separating the ciphertext from the initialization 
vector in the concatenated combination; 

searching the storage for a unique initialization 
vector and second pseudorandom number pair 
having an initialization vector which matches 
the imported initialization vector; 

decrypting the imported ciphertext using the sec- 
ond pseudorandom number corresponding to the 
matched initialization vector, if such an initial- 
ization vector match is found; and 

generating a second pseudorandom number from 
the imported initialization vector and the secret 
key used in (i) and using the generated second 
pseudorandom number to decrypt the imported 
ciphertext, if no initialization vector match is 
found in the searching substep above. 

26. The method for variable-overhead cached en- 
cryption and decryption according to claim 25, wherein 
the substep of generating a second pseudorandom num- 
ber from the imported initialization vector further com- 
prises the step of storing the generated second pseudo- 
random number and its corresponding initialization 
vector in storage for future use in decrypting. 

27. The method for variable-overhead cached en- 
cryption and decryption according to claim 25, wherein 
the substeps of decrypting the imported ciphertext if an 
initialization vector match is found, further comprises 
the step of logically combining the imported ciphertext 
with the stored second pseudorandom sequence. 

***** 



60 



65 



02/18/2004, EAST 



Version: 1.4.1 



